forked from lix-project/lix
* Fix setuid builds.
This commit is contained in:
parent
015ac7c7da
commit
4ad6fb7ea3
|
@ -9,13 +9,9 @@
|
||||||
#include <iostream>
|
#include <iostream>
|
||||||
#include <cctype>
|
#include <cctype>
|
||||||
|
|
||||||
#include <sys/types.h>
|
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
#include <pwd.h>
|
|
||||||
#include <grp.h>
|
|
||||||
|
|
||||||
#include <aterm2.h>
|
#include <aterm2.h>
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -13,6 +13,10 @@
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <pwd.h>
|
||||||
|
#include <grp.h>
|
||||||
|
|
||||||
#include "util.hh"
|
#include "util.hh"
|
||||||
|
|
||||||
|
|
||||||
|
@ -913,7 +917,7 @@ void switchToNixUser()
|
||||||
/* Lookup the Nix gid. */
|
/* Lookup the Nix gid. */
|
||||||
struct group * gr = getgrnam(NIX_GROUP);
|
struct group * gr = getgrnam(NIX_GROUP);
|
||||||
if (!gr) {
|
if (!gr) {
|
||||||
cerr << format("missing group `%1%'\n") % NIX_GROUP;
|
std::cerr << format("missing group `%1%'\n") % NIX_GROUP;
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -921,7 +925,7 @@ void switchToNixUser()
|
||||||
int maxGids = 512, nrGids;
|
int maxGids = 512, nrGids;
|
||||||
gid_t gids[maxGids];
|
gid_t gids[maxGids];
|
||||||
if ((nrGids = getgroups(maxGids, gids)) == -1) {
|
if ((nrGids = getgroups(maxGids, gids)) == -1) {
|
||||||
cerr << format("unable to query gids\n");
|
std::cerr << format("unable to query gids\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -955,14 +959,14 @@ void switchToNixUser()
|
||||||
because we cannot do it after we have dropped root uid. */
|
because we cannot do it after we have dropped root uid. */
|
||||||
nixGid = gr->gr_gid;
|
nixGid = gr->gr_gid;
|
||||||
if (_setgid(nixGid) != 0 || getgid() != nixGid || getegid() != nixGid) {
|
if (_setgid(nixGid) != 0 || getgid() != nixGid || getegid() != nixGid) {
|
||||||
cerr << format("unable to set gid to `%1%'\n") % NIX_GROUP;
|
std::cerr << format("unable to set gid to `%1%'\n") % NIX_GROUP;
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Lookup the Nix uid. */
|
/* Lookup the Nix uid. */
|
||||||
struct passwd * pw = getpwnam(NIX_USER);
|
struct passwd * pw = getpwnam(NIX_USER);
|
||||||
if (!pw) {
|
if (!pw) {
|
||||||
cerr << format("missing user `%1%'\n") % NIX_USER;
|
std::cerr << format("missing user `%1%'\n") % NIX_USER;
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -971,7 +975,7 @@ void switchToNixUser()
|
||||||
succeeded.*/
|
succeeded.*/
|
||||||
nixUid = pw->pw_uid;
|
nixUid = pw->pw_uid;
|
||||||
if (_setuid(nixUid) != 0 || getuid() != nixUid || geteuid() != nixUid) {
|
if (_setuid(nixUid) != 0 || getuid() != nixUid || geteuid() != nixUid) {
|
||||||
cerr << format("unable to set uid to `%1%'\n") % NIX_USER;
|
std::cerr << format("unable to set uid to `%1%'\n") % NIX_USER;
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue